package com.myblog.config.security.authorize;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * 将所有的授权配置类统一管理起来
 */
@Component
public class CustomAuthorizeConfigureProviderManager implements AuthorizeConfigureProviderManager{

    /**
     * 这里可以直接将它所有的实现类注入进来
     */
    @Autowired
    List<AuthorizeConfigureProvider> authorizeConfigureProviderList;

    @Override
    public void configure(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        for (AuthorizeConfigureProvider provider : authorizeConfigureProviderList ){
            provider.configure(config);
        }
        //所有请求都要通过身份认证
        config.anyRequest().authenticated();
    }
}
